Introducing Unified Vulnerability Response Workspaces!!

sivamallu
ServiceNow Employee
ServiceNow Employee
‎02-06-2023 10:07 AM

Summary

 

Workspaces offer a single pane view of the work to be done and let the users multi-task from within the same pane boosting their productivity. Vulnerability Response Workspaces are now available for Configuration Compliance, Application Vulnerabilities and Container Vulnerability Response. Vulnerability Managers can manage vulnerabilities of hosts, containers and applications and configuration test results from the Vulnerability Manager workspace. Remediation owners can view a consolidated list of Remediation Tasks and act on them from the IT Remediation workspace.

 

Unified Vulnerability Response Workspaces

Vulnerability Response Workspaces are a set of two workspaces, Vulnerability Manager Workspace and IT Remediation Workspace, that provide Vulnerability Managers and IT Remediation Owners with a tailored experience for their role, enabling them to manage vulnerabilities and misconfigurations quickly and efficiently. Workspaces offer a single pane view of the work to be done and let the users multi-task from within the same pane boosting their productivity. In the Rome platform version, we launched the Vulnerability Manager workspace and IT Remediation workspace to manage infrastructure vulnerabilities and received excellent customer response.

 

Vulnerability Manager Workspace and IT Remediation workspace are now extended to support Configuration Compliance, Application Vulnerability Response and Container Vulnerability Response in unison with each other and with Vulnerability Response. Vulnerability Managers can manage vulnerabilities and configuration test results of hosts, containers, and applications from the Vulnerability Manager workspace. Remediation Owners can remediate, request exceptions (with questionnaire), and create change requests from the IT Remediation workspace.

 

Remediation Tasks for Application and Container vulnerabilities.

Vulnerability Managers can leverage the new unified Vulnerability Manager workspace to group vulnerabilities of containers or applications into Remediation Tasks and assign them to Remediation owners. This grouping ability for application and container vulnerabilities is available only from the workspaces. 

 

Remediation Owners can view a consolidated and prioritised list of Remediation Tasks for vulnerabilities and misconfigurations from hosts, containers, and applications in a single list and act on these tasks from the IT Remediation workspace.

 

Remediation Tasks in IT Remediation WorkspaceRemediation Tasks in IT Remediation Workspace

 

Vulnerability Manager Workspace

The Vulnerability Manager Workspace is for the Vulnerability Managers overseeing any one or more of the host, container, and application vulnerabilities and misconfigurations.

  • Vulnerability Managers can now create Watch Topics for application vulnerabilities, container vulnerabilities or misconfigurations in the Vulnerability Manager workspace. For example, you can create a watch topic for configuration test results to track compliance with CIS benchmarks.

Watch Topics - Vulnerability Manager WorkspaceWatch Topics - Vulnerability Manager Workspace

 

  • Remediation Efforts and Remediation Tasks can be created for application vulnerabilities, container vulnerabilities or misconfigurations from the watch topics.

Remediation Effort and Remediation Tasks - Vulnerability Manager WorkspaceRemediation Effort and Remediation Tasks - Vulnerability Manager Workspace

 

  • From the List page of the Vulnerability Manager workspace, the vulnerability manager can access various lists of entities such as Remediation Tasks, Vulnerable Items, Configuration Test Results, Exceptions as well as Libraries, including CVEs, Third Party Vulnerability entries, Policies and Tests. The Remediation Tasks list is a consolidated and prioritised list of Remediation Tasks created from both classic user experience and new workspaces.

Lists and Libraries - Vulnerability Manager WorkspaceLists and Libraries - Vulnerability Manager Workspace

 

You can learn more about the Vulnerability Manager Workspace by visiting our documentation site.

 

IT Remediation Workspace

IT Remediation Workspace is for remediation personas of hosts, applications or containers impacted by vulnerabilities or misconfigurations.

  • Remediation Owners working on one or more of host, container, and application vulnerabilities and misconfigurations can view a consolidated and prioritised list of Remediation Tasks assigned to them and their group.
  • Remediation Owners can keep entities open in different tabs to work parallelly on multiple tasks.
  • Remediation Tasks show required information to quickly assess and take actions such as requesting an exception, creating a change request, marking it as a false positive or moving the task to a different state.
  • From the List page of the Remediation workspace, the remediation owner can access various lists of entities such as Remediation Tasks, Impacted CIs, Vulnerable Items, Configuration Test Results and Exception requests.

Remediation Tasks in IT Remediation WorkspaceRemediation Tasks in IT Remediation Workspace

 

You can learn more about the IT Remediation Workspace by visiting our documentation site.

 

To get the latest workspaces, please update your Vulnerability Response store app to version 18.0 from the store. The minimum platform version supported is San Diego.

 

If you have feedback that you would like to share with us, please feel free to reach us at the below emails.

  • Siva Reddy Mallu, Principal Product Manager - VR (siva.mallu@servicenow.com)
  • Ravi Kumar Kanukollu, Senior Manager - VR Product (ravikumar.kanukollu@servicenow.com)
  • 2,959 Views
3 Comments